CVE-2006-7110

Name of the Vulnerable Software and Affected Versions IMCE versions prior to 1.6

Description A directory traversal issue exists in the delete function of the IMCE Drupal module, allowing remote authenticated users to delete arbitrary files by utilizing ".." sequences in the input.

Recommendations For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the delete function in IMCE to minimize the risk of exploitation.